1. Field of the Invention
The present invention relates to a data processing apparatus and system for performing processing for provided content data, and a data processing method for such an apparatus and a system.
2. Description of the Related Art
A data providing system for distributing encrypted content data to data processing apparatuses of users who have made a predetermined contract and for enabling the data processing apparatuses to decode the content data and to read and record it is available. One type of such data providing systems is a conventional electronic music distribution (EMD) system for distributing music data.
FIG. 106 is a schematic diagram illustrating a conventional EMD system 700. In the EMD system 700, content providers 701a and 701b encrypt content data 704a, 704b, and 704c, and copyright information 705a, 705b, and 705c by using session key data obtained after performing mutual authentication, and then provide the encrypted data to a service provider 710 online or offline. The copyright information 705a, 705b, and 705c may include serial copy management system (SCMS) information, digital watermark information for embedding copyright information into the content data, and information for embedding copyright information into transmission protocols of the service provider 710.
The service provider 710 decodes the received content data 704a, 704b, and 704c, and the copyright information 705a, 705b, and 705c by the use of the session key data.
The service provider 710 then embeds the copyright information 705a, 705b, and 705c into the decoded content data 704a, 704b, and 704c which have been received online or offline so as to create content data 707a, 707b, and 7074c. In this case, as part of the copyright information 704a, 704b, and 704c, the service provider 710 embeds the digital watermark information into the content data 704a, 704b, and 704c by changing predetermined frequency domains, and embeds the SCMS information into network protocols used for transmitting the content data 704a, 704b, and 704c to the user.
The service provider 710 also encrypts the content data 707a, 707b, and 707c by using content key data Kca, Kcb, and Kcc, respectively, read from a key database 706. Subsequently, the service provider 710 encrypts a secure container 722, which stores the encrypted content data 707a, 707b, and 707c, by using session key data obtained after performing mutual authentication, and sends the encrypted secure container 722 to a conditional access (CA) module 711 stored in a terminal device 709 of the user.
The CA module 711 decodes the secure container 722 by using the session key data. The CA module 711 also receives the content key data Kca, Kcb, and Kcc from the key database 706 of the service provider 710 by using an accounting function, such as an electronic settlement system or a CA, and decodes it by using the session key data. This enables the terminal device 709 to decode the content data 707a, 707b, and 707c by using the content key data Kca, Kcb, and Kcc, respectively.
The CA module 711 performs accounting processing for each content so as to generate accounting information 721, and encrypts it by using the session key data and sends it to a rights processing module 720 of the service provider 710.
In this case, the CA module 711 performs the processing on the items concerning the services provided by the service provider 710, in other words, the items to be managed by the service provider 710, such as user's contract (renewal) information, collection of, for example, a monthly basic fee incurred by using a network, accounting processing for each content, and ensuring the security of the physical layer of the network.
Upon receiving the accounting information 721 from the CA module 711, the service provider 710 distributes the profits between the service provider 710 and the content providers 701a, 701b, and 701c. In this case, the profits are distributed from the service provider 710 to the content providers 701a, 701b, and 701c via an intermediary, for example, the Japanese Society for Rights of Authors, Composers and Publishers (JASRAC). JASRAC also distributes the profits of the content providers 701a, 701b, and 701c to the copyright holder, the artist, the composer, the writer, and the production company of the content data, etc.
In recording the content data 707a, 707b, and 707c decoded with the content key data Kca, Kcb, and Kcc, respectively, on a recording medium 723, such as a random access memory (RAM), the terminal device 709 performs copy control by overwriting the SCMS bits of the copyright information 705a, 705b, and 705c. That is, the user performs copy control based on the SCMS bits embedded into the content data 7074a, 707b, and 707c, thereby implementing copyright protection.
The SCMS prohibits the copying operation of the content data, for example, for two or more generations (copy free), but allows unlimited one-generation copying (copy once), and is thus insufficient for copyright protection.
In the above-described EMD system 700, it is necessary for the content provider 701 to monitor the action of the service provider 710, who is technically able to freely handle the unencrypted content data, and the profit of the content providers 701a, 701b, and 701c may be unfairly exploited.
Additionally, in the EMD system 700, it is difficult to restrict illegal actions of the user's terminal device 709, such as authoring the content data distributed from the service provider 710 and re-distributing it to another terminal device, thereby also unfairly exploiting the profits of the content providers 701a, 701b, and 701c. 